Baker Tilly Woroszylska Legal Sp. k. trading as Baker Tilly Woroszylska Legal is a member of the global network of Baker Tilly International Limited, the members of which are separate and independent legal entities.

Privacy and cookies policy of the www.tpa-group.pl service

This document regulates the Privacy and cookies policy of the internet service kept in the domain service@tpa-group.pl (hereinafter referred to as: the Service). TPA Poland (hereinafter referred to as the Service Provider) shall exercise all due diligence in order to respect the privacy of Service Users.

Data Controller

The Data Controller of the data in the Service www.tpa-group.pl is TPA Management Sp. z o.o. with its registered office in Poznań, ul. Młyńska 12, NIP [tax identification number]: 1070010139, REGON [statistical number]: 141252235, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court Poznań-Nowe Miasto i Wilda in Poznań, VIII Commercial Division of the National Court Register, under KRS number: 0000293747, which is the Service Administrator, Service Provider and Seller.

Contact with the Data Controller is possible at the e-mail address: service@tpa-group.pl

Personal data

Users who use the services provided electronically via the Service are requested to provide personal data voluntarily. The Data Controller processes the collected data under article 6 clause 1, paragraph a) of the Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.

Each time the purpose and scope of personal data processed by the Data Controller results from actions taken by the User in the Service.

The User may transfer their personal data to the Data Controller using the forms available on the www.tpa-group.pl Service, such as:

1) Contact form

Personal data provided to the Data Controller in the contact form are processed in order to respond to the sent message. The scope of personal data being processed: name, surname, e-mail address.

2) Newsletter subscription form

Personal data provided to the Data Controller in the newsletter subscription form are processed in order to send the newsletter to the User. The scope of personal data being processed: name, surname, gender, e-mail address.

3) Notification of new blog entries

Personal data provided to the Data Controller in the newsletter subscription form are processed in order to send the newsletter to the User. The scope of personal data being processed: e-mail address.

4) Publication order

Personal data provided to the Data Controller in the publication order form are processed in order to send to the User a printed or electronic version of the ordered materials. The scope of personal data being processed: name, surname, correspondence address, e-mail address

Declaration

In pursuit of the overriding goal of respecting Users’ privacy, we strive to maintain all due diligence. To meet this assumption, we comply with the standards and principles resulting from generally applicable laws. In particular, we make every effort to ensure that Users’ personal data are:

processed in accordance with the law, reliably and transparently for the data subject

collected for specific, explicit and legitimate purposes justified in this document

not subject to further processing non-compliant with the above purposes

factually correct and adequate for the purpose for which they are processed

stored in a form which permits the identification of data subjects no longer than necessary to achieve the purpose of processing

processed in a manner ensuring adequate personal data protection, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage.

Entrusting and making available personal data

The Data Controller reserves that pursuant to the applicable provisions on personal data protection, s/he can entrust the processing of personal data of Users to other entities in order to properly perform activities related to hosting, administration, maintenance and management of the Service by these entities, as well as to exercise claims and explain the circumstances of unauthorized use of services provided electronically.

The Controller hereby informs the User that s/he entrusts personal data processing to entities such as law firms, IT companies, claims adjusters, contractors of claims adjusting services, etc.

Entrusting personal data is always based on a personal data processing contract.

We do not share the collected data with third parties, except for situations when it is required by generally applicable law, i.e. on the basis of a request of an authority or court authorized to do so.

System logs

These are internal event logs of the Service server, automatically recording page requests, and sent when Users visit its websites. System logs contain a page request sent by the User, an IP address, browser type, browser language, date and time of the request, and at least one “cookie” file that can uniquely identify the User’s browser.

Data collected in the system logs are used by the Service Provider for an indefinite period only to administer the Service. They are not transferred to third parties, excluding the circumstances described in this document.

Pixel tag

We or third parties, through the cookies they administer, may use the functionality of pixel tags. These are elements published in digital content and they enable the recording of information, e.g. on the User’s activity on the website.

Cookies – introduction

While providing services to Users, we use professional technologies to collect and save information, such as cookies. These are commonly used, small files containing a string of characters that are sent and stored on the end device (e.g. computer, laptop, tablet, smartphone) used by the User when visiting the Service. This information is sent to the clipboard of the used browser, which sends it back during subsequent visits to the website. Cookies contain information necessary for the proper use of the Service. They usually contain the name of the website they come from, their storage time on the end device and a unique number.

Basis for cookies processing

Users using the services rendered electronically via the Service are asked to voluntarily consent to the processing of cookies by storing information or accessing information already stored in their telecommunications end devices.

The consent to the processing of cookies takes place in particular through the use of a button containing a declaration of consent to the processing of cookies or confirmation of reading its terms. This consent may be revoked at any time, free of charge, and in a manner described in the section on cookies management.

We process cookies on the basis of article 173 of the Act of 16 July 2004 Telecommunications Law (Journal of Laws of 2016, No. 0, item 1489, as amended).

Which cookies will be used?

The Data Controller uses the following cookies:

a) necessary files – these files allow for the proper operations of the Service and the functionalities that the User wants to use, e.g. authentication cookies. Without saving them on the User’s device, the use of the Service is impossible

b) functional files – files that allow for remembering the settings selected by the User and adapting them to their needs and preferences, e.g. in terms of the selected language, font size, and the appearance of the website. They allow the Data Controller to improve the functionality and performance of the site. Without saving them on the User’s device, the use of certain Service functionalities may be limited,

In terms of their validity:

session files – with a memory of up to several days

In terms of the distinction of the cookies controller:

Data Controller’s cookies

third party cookies

Data Controller’s cookies

Data Controller’s cookies allow for recognizing the User’s device and display the Service website tailored to their individual expectations, making the use of its functionalities easier and more enjoyable. By saving these files on the user’s device, it is possible, for example, to remember login details, keep the session after logging in, remember selected goods or services, or adapt to the preferences of the User, such as the distribution of content, language, or its colour.

Third party cookies

The Service Provider may use cookies used by Google Inc. 1600 Amphitheatre Pkwy, Mountain View, CA 94043, United States as part of the following services:

Google Adwords – they allow for conducting and evaluating the quality of advertising campaigns carried out using Google Adwords

Google Analytics – they allow for evaluating the quality of advertising campaigns carried out using the Google Adwords service, as well as for studying the behaviours and traffic of Users and for compiling traffic statistics

Google Maps – they allow for storing information about the User, which enable the use of map functionalities available as part of the Google Maps service. Google Inc. can track the location of the User

Google Tag Manager

Yandex metrica

YouTube – they allow for storing information about the User, which enables the use of functionalities of the YouTube service. Google Inc. can track videos played by the User.

The Data Controller may use cookies used by Facebook Inc. 1 Hacker Way, Menlo Park, CA 94025, United States. These files can be used to connect user accounts: on an external Facebook social network with the Service account. These files can also be used to process User’s actions on Facebook using the “Share” or “Like” buttons. The processing of these activities may be public.

The use of third party cookies is subject to the privacy and cookies policy used by these entities. We encourage you to read the terms and conditions of personal data processing and privacy protection policies of entities that most often and to the widest extent process our data.

Managing cookie files and other information

Most often, browser settings allow for placing cookies and other information on the end device. If the User does not agree to save these files, it is necessary to change the browser settings accordingly. It is possible to disable saving cookies for all connections from a given browser or for a specific website, as well as to delete them. The method of managing cookie files depends on the used software, hence detailed information about the possibilities and ways of using can be found in the settings of the web browser, which the User uses to connect to the Service website. Consent to the processing of cookies is voluntary. However, it should be remembered that restrictions on their use may make it difficult or impossible to use the services offered on the Service.

Links to other websites

The Service may contain links to other websites. We are not responsible for the privacy and cookies policies of other websites. We recommend that you read the privacy and cookies policy of these websites.

Contact and notifications

We are constantly doing our best to process Users’ personal data and cookies in compliance with the highest standards. That is why we have implemented a system of immediate reaction to situations of threats to these standards. If you identify a threat or violation, please contact us immediately using the following details:

service@tpa-group.pl

We will be happy to hear all your feedback. Therefore, in case of any questions, requests or doubts related to the processing of personal data or cookies, we encourage you to contact us.

Your personal data will be processed to provide services. We guarantee your exercise of any rights under the General Data Protection Regulation, i.e. the the right of access, rectification and deletion of your data, restriction of processing, right to transfer, non-coverage by automated decision-making, including profiling, and the right of objection to the processing of your personal data.

TPA Poland has appointed the data protection officer, who can be contacted by e-mail: iodo@tpa-group.pl, mail address: Data Protection Officer at ul. Młyńska 12, 61-730 Poznań

What are your rights towards TPA Poland with respect to data processing?

We guarantee your exercise of any rights under the General Data Protection Regulation, i.e. the the right of access, rectification and deletion of your data, restriction of processing, transfer, non-coverage by automated decision-making, including profiling, and the right of objection to the processing of your personal data.

You may exercise those rights if:

you notice, with reference to the request for data rectification, that your data is incorrect or incomplete

with reference to the request to delete: your data is no longer be necessary for the purposes for which they were collected by TPA Poland, you withdraw your consent to data processing, you file an objection to the processing of your data, your data are processed unlawfully; the data should be deleted to comply with a legal duty

with reference to the request for restriction of processing: you notice that your data are incorrect – you may request restriction of processing of your data for a period allowing us to check whether they are correct; your data are processed unlawfully, but you do not want them to be deleted; we no longer need your data, but they may be required to defend or pursue any claims; or you object to data processing – until it is determined whether our legitimate interest overrides the basis for the objection

with reference to data transfer requests: the processing of your personal data is based on your consent or agreement concluded with you and if the processing is automatic.

You have the right to file a complaint about our processing of your personal data to the supervisory authority, that is the Inspector General for the Protection of Personal Data (address: Inspector General for the Protection of Personal Data at ul. Stawki 2, 00-193 Warsaw).

How long do we store your personal data?

We store your personal data for the duration of the agreement concluded with you, and after its dissolution:

to pursue claims related to the performance of the agreement

to perform our duties under the law, in particular tax and accounting duties

to prevent misuse and fraud

for statistical and record-keeping purposes

for a maximum period of 10 years after dissolution of the agreement.

We store your personal data for marketing purposes for the term of the agreement or until you object to such processing, whichever occurs first.

With reference to the organisation of loyalty programmes, competitions and promotions that your are eligible to participate in, we will process you data for their duration and until prizes are accounted for. For accountability purposes, i.e. to demonstrate compliance with the personal data processing regulations, we will store the data for a period in which TPA Poland is required to retain the data or documents containing such data to produce evidence of compliance with legal requirements and to enable review of such compliance by public authorities.

Do we transfer your data to countries outside the European Economic Area?

Your personal data will be transferred outside the European Economic Area to PipelineDeals, registered office at 1008 Western Ave #401, Seattle, WA 98104, United States of America, based on the appropriate legal safeguards, such as standard personal data protection contractual clauses approved by the European Commission.

Do we perform automated processing of your personal data (including profiling) in a way which affects your rights?

You personal data will be processed in an automated manner (including by profiling), but this will not have any legal ramifications for you, or otherwise materially affect you situation.

The profiling of personal data by TPA Poland involves the processing of your data (including by automated means) by using them to evaluate certain information about you, and in particular to analyse or predict personal preferences or interests.

Baker Tilly Woroszylska Legal – clause

Baker Tilly Woroszylska Legal Sp.k. trading as Baker Tilly Woroszylska Legal is an independent member of Baker Tilly International. Baker Tilly International Limited is an English company. Baker Tilly International provides no professional services to clients. Each member firm is a separate and independent legal entity, and each describes itself as such. Baker Tilly Woroszylska Legal Sp.k. is not Baker Tilly International’s agent and does not have the authority to bind Baker Tilly International or act on Baker Tilly International’s behalf. None of Baker Tilly International, Baker Tilly Woroszylska Legal, nor any of the other member firms of Baker Tilly International has any liability for each other’s acts or omissions. The name Baker Tilly and its associated logo is used under licence from Baker Tilly International Limited.